Dogged by concerns about security, Huawei's enterprise business in North America faces an uphill battle against domestic competitors as the China-based manufacturer seeks to get a foothold in new markets.

But with the gaping security holes and shady surveillance deals of vendors like Cisco and HP, it is hard to discern how much riskier Huawei is than its domestic competition. The vendors' quality, however, is much easier for prospective U.S. customers to judge, and that could make it an even longer-term hurdle for the Chinese equipment maker’s North American ambitions.

Huawei declined repeated interview requests for this article, citing its executives' busy post-July 4 vacation schedules as the reason for the lack of availability.

In report after report and speech after speech, U.S. government officials expressed concerns that China is, or will be, using Huawei's equipment to covertly intercept sensitive communications, endangering not only America's security, but also U.S. corporate competitiveness. Security concerns about Huawei seem to endlessly grab headlines.

"There's concern in Europe and North America about security of Chinese-designed networking equipment," said Alan Weckel, director at market research firm Dell'Oro Group. "Certain governments and certain enterprises just will never be allowed to buy Huawei in the foreseeable future, and that's both for networking and VoIP."

Huawei is an easy target. Allegations of secret backdoors and covert ties to China's Ministry of State Security (MSS) are a wonderfully untestable hypothesis: If security holes are discovered in Huawei products, that proves the Chinese are using them to gather intelligence; if they are not discovered, that simply means the MSS is doing its job successfully.

Increasingly, however, hardware -- regardless of the supplier -- is at least partially manufactured or assembled in China. A 2011 report by the U.S.-China Economic and Security Review Commission examined the security implications of Huawei's rise but ultimately concluded that the dangers of espionage went deeper than any one company. Instead, the commission found that fundamental economic shifts and control of the supply chains of all technology manufacturers is a security concern.

"Without being unduly alarmist, decision makers in both government and industry should nevertheless take an objective look at the potential security vulnerabilities posed by dependence upon Chinese corporations for electronics components and/or telecommunications services and work toward solutions that appropriately balance U.S. economic and national security interests," the report concluded.

Whether a U.S. enterprise or the NSA, the rule is the same: Trust no one

Enterprises should assume every vendor is a security risk, regardless of nationality or reputation, said Davi Ottenheimer, president of the security consultancy flyingpenguin LLC.

"It used to be common in the nineties to not trust any system at all," he said. "The future of communications is going to be around encrypting everything. The market should bear encryption."

Rebecca adopts this approach with her clients, and while she prefers not to use Huawei, she's comfortable using it if the client already has it deployed.

"As a very security-focused organization, we adopt a policy of assuming that all products are full of vulnerabilities by default until they've proven themselves," she wrote. "Any sensitive data is encrypted before it hits the network, and we use open source code wherever possible, basically assuming that all network traffic is eavesdropped anyway."

That healthy paranoia echoes W. C. Fields -- be free of all prejudices by distrusting everyone equally -- and it might be resurging, thanks in part to America's own intelligence community.

All these concerns about the Huawei security threat, however, might pale for many enterprises when it comes to something more day-to-day: the quality and polish of the company's products. Network engineers have occasionally complained that some of the interfaces, for example, were clones -- and not particularly good ones -- of other vendors' products.

This cloning was at the heart of a 2004 lawsuit, when Cisco alleged that Huawei illegally copied Cisco's source code, command line interface (CLI) and other intellectual property into Huawei's switches and routers. The two companies ultimately settled, with Huawei agreeing to modify its products.

"I wouldn't go so far as to call it a knockoff brand, but I consider Huawei to be low-end," Rebecca said. "It gets the job done in most cases, but the biggest problem for us is lack of [technical] documentation. Even simple things, such as a list of supported AT commands for their 3G modems."

Similar small failings regularly surface in user complaints about Huawei's CLI and other functionality, providing new examples of the company's lack of polish. These product shortcomings ultimately give Rebecca the impression that, to Huawei, the "customer doesn't matter."

To any company looking to grow market share in the hotly competitive North America networking space, that might be the biggest vulnerability of all.

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy